Le site comcastbusiness.net est-il sûr ?

Involved in the spreading of an huge quantity of UCE/UBE messages. This domain is infected (or NATting for a computer that is infected) with a spam-sending botnet, most likely Necurs. Necurs generally sends large volumes of Dyre/Dridex/Locky malware, fake pharmaeutical or pornography/dating scams. It was last detected at ***** 06:00 GMT (+/- 30 minutes)

☠ Spamvertized STOOGE Site ☛ Spam Distributors, Email Harvesting, Tracking & Redirection. ☛ Site is associated with or sending Mass UCE Spam. ☛ Spammed site pose Possible Illegal Phishing/ID Theft Scams. ☛ Site uses Shortened/Obscured Redirection URLs to HIDE the true web address. ☛ User beware. Do not become their next victim. *<*-*>* The intended and deceitful practice of sending Unsolicited Commercial Email (UCE), Unsolicited Bulk Email (UBE) is not consistent with how a "legitimate and reputable company" would/should do business. *<~>* Common illegal and deceitful practices include: forging the email header, forging the "To" email address, omitting or "munged" the email "To" address and obscuring the website/domain URL (obfuscated the HTML links) and using Shortened URLs to HIDE their true web address. (•ิ_•ิ) Why would you trust a company that needs to knowingly send Illegal Mass UCE Spam? Which of course sounds nothing like how a legitimate and reputable company would/should do business! (•ิ_•ิ) Always remember the basic rules about Scammers/Spammers: ❶ Scammers/Spammers always lie. ❷ If a Scammers/spammer says they aren't lying, see rule 1. ☠ Spamming Stooge Host: hxxp://hnicorp.com ☠ Spamming Stooge Host: hxxp://comcastbusiness.net ☠ Received: from 50-195-72-180-static.hfc.comcastbusiness.net From: ***** ☠ Sent Using IP: *****

Every person who has Comcast Business Class as an ISP has a reverse DNS in this range. Apparently, at least 6 of those people are hackers or have set up phishing sites. They should be reported to Comcast, who would almost certainly terminate the accounts and pursue legal action against the offending parties. There's no need to "throw out the baby with the bathwater" and mistrust ALL Comcast ISP customers. That's a bit extreme.

Hacker Alarm Mar 17 23:24:45 h2094448 postfix/smtpd[30893]: connect from 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172] Mar 17 23:24:45 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:46 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:46 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:46 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:46 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:47 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:47 h2094448 postfix/smtpd[30893]: warning: 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172]: SASL LOGIN authentication failed: authentication failure Mar 17 23:24:47 h2094448 postfix/smtpd[30893]: disconnect from 74-95-89-172-WashingtonDC.hfc.comcastbusiness.net[74.95.89.172] The next Hacker Attack: Mar 26 13:26:00 h2094448 postfix/smtpd[12736]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:05 h2094448 postfix/smtpd[12736]: disconnect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:07 h2094448 postfix/smtpd[12736]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:07 h2094448 postfix/smtpd[12739]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:09 h2094448 postfix/smtpd[12740]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:10 h2094448 postfix/smtpd[12741]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:11 h2094448 postfix/smtpd[12742]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:12 h2094448 postfix/smtpd[12736]: warning: 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69]: SASL LOGIN authentication failed: authentication failure Mar 26 13:26:12 h2094448 postfix/smtpd[12744]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69] Mar 26 13:26:13 h2094448 postfix/smtpd[12745]: connect from 173-162-239-69-NewEngland.hfc.comcastbusiness.net[173.162.239.69]